About STP (Spanning Tree Protocol) | Part 1
Spanning Tree Protocol (STP) is a Layer 2 protocol that prevents switching loops and broadcast storms by placing redundant links into a blocking state when necessary.
Here is what STP is, what it can do and what it is used for:
STP is a layer 2 protocol.
Stops layer 2 loops/broadcast storms.
Used for redundancy.
With STP it is possible to implement multiple paths to a destination.
Done by changing the state of a redundant port to blocking state.
Blocking state ports can change to forwarding state if any forwarding port fails.
By putting some ports in forwarding and some ports in blocking, there is always a single path between two points in a network.
How it works:
Ports that have STP enabled send and receive “Hello BPDU” messages. Hello BPDU messages are sent out of STP-enabled ports every 2 seconds. BPDU stands for Bridge Protocol Data Unit.
If a Hello BPDU message is received on any STP-enabled port, the switch that receives it understands that the device connected to that port is a switch, an STP-capable device, or at least a device that passes STP packets (e.g., a dumb device with two bridged ports may pass STP packets).
The Bridge Identifier field in an STP packet is used to elect a root bridge.
The root bridge always has all its STP ports in forwarding state, so that all other switches can reach it.
Here is a screenshot from Wireshark, capturing an STP packet from my Perle switch, showing its Root Identifier field:
The process that switches in a network use to put ports in forwarding and blocking state:
Switches first look at the priority. The bridge with the lowest priority becomes the root bridge.
Next is the MAC address. If the priority is the same, the MAC address determines which switch becomes root.
Default Bridge Priority is 32768. Which is the case here.
Root Bridge System ID Extension is 1. Which is basically the VLAN ID. By changing this, it will essentially be a PVST (Per VLAN Spanning Tree), which runs separate STP instances in each VLAN.
As soon as the switch is on, it considers itself the root bridge.
The moment it receives an STP packet with a MAC address lower than its own, it gives up its root position.
When a network is laid out and turned on, all switches agree on who is the root bridge.
Only the root bridge sends out STP BPDUs; all the other switches only forward them.
Every other switch will have one of its ports set as the root port. Root ports are also in forwarding state. The interface with the lowest root cost becomes the root port. Root cost is the total cost of all the outgoing interfaces used to reach the root bridge. Also, a port that is connected to the root port of another switch must be in forwarding state, as it should not block the path of that root port to the root bridge.
On the switch that is the root bridge, all of its designated ports, which are in forwarding state, have a root cost of zero, as they are already on the root.
The port that links a switch to the root bridge is called a root port. The ports on the root bridge are not root ports because they do not link to a root bridge. The ports on the root bridge are called designated ports. A root bridge has only designated ports, and they are always in forwarding state.
STP Root Path Cost by Link Speed:
If the root cost matches, then the port whose neighbour switch has the lowest bridge ID (priority + vlan and then mac-address) becomes the root port.
If the root cost matches and the bridge ID also matches (this can happen if two ports on one switch are connected to two ports on another switch), then the port ID (priority of the port + port number) is the determining factor. Usually the priority is the same unless it has been changed manually; in that case the port with the lowest port number becomes the root port.
After all this, every collision domain that is left will put one of its ports in forwarding and one in blocking. To see how ports are put in blocking state, let's say two switches are connected; one of the ports on one switch has to be in blocking state to prevent a loop from forming. These two switches each have a path to the root bridge via their root port. To put one of the ports between them in blocking state, both switches look at each other's total root cost to the root bridge. The switch with the lowest root cost keeps its port as designated (forwarding) and the other switch makes its port non-designated (blocking). If the root cost is the same, then both switches look at each other's bridge ID (priority + vlan and then mac-address). The switch with the lowest bridge ID keeps its port as designated (forwarding) and the other switch makes its port non-designated (blocking).
Summary:
First step: electing one switch as root bridge (all forwarding ports). Determining factor is lowest bridge ID (priority + vlan and then mac-address).
Second step: every other switch makes one of its ports the root port. Determining factors: lower total root cost to the root bridge, if that matches then lowest neighbour bridge ID (priority + vlan and then mac-address), if that matches then lowest neighbour port ID (priority of the port + port number).
Third and final step: remaining collision domain between two switch's ports will put one port in blocking state, another to forwarding. Determining factor to select the forwarding port: which switch has the lowest root cost to the root bridge, if that matches then lowest bridge ID (priority + vlan and then mac-address)
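The three steps in the summary can be run over a small topology. This is an added example, not code from the original post; the switch names, MAC addresses, port IDs and link costs are constructed sample values.

```python
import heapq

# Constructed sample topology. Bridge ID = (priority + VLAN, MAC); lowest wins.
BRIDGES = {
    "SW1": (32769, "00:00:00:00:00:01"),
    "SW2": (32769, "00:00:00:00:00:02"),
    "SW3": (32769, "00:00:00:00:00:03"),
}
# Links: (switch A, port A, switch B, port B, cost); port ID = (priority, number).
LINKS = [
    ("SW1", (128, 1), "SW2", (128, 1), 4),
    ("SW1", (128, 2), "SW3", (128, 1), 4),
    ("SW2", (128, 2), "SW3", (128, 2), 4),
]

def neighbours(sw, links):
    """Yield (local port, neighbour, neighbour port, link cost) for a switch."""
    for a, pa, b, pb, cost in links:
        if a == sw:
            yield pa, b, pb, cost
        elif b == sw:
            yield pb, a, pa, cost

def compute_stp(bridges, links):
    # Step 1: the lowest bridge ID becomes the root bridge.
    root = min(bridges, key=bridges.get)
    # Total root cost of every switch (shortest path over link costs).
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, sw = heapq.heappop(heap)
        for _, nbr, _, link_cost in neighbours(sw, links):
            if c + link_cost < cost.get(nbr, float("inf")):
                cost[nbr] = c + link_cost
                heapq.heappush(heap, (cost[nbr], nbr))
    # Step 2: root port = lowest (root cost, neighbour bridge ID, neighbour port ID).
    root_port = {}
    for sw in bridges:
        if sw != root:
            best = min(neighbours(sw, links),
                       key=lambda n: (cost[n[1]] + n[3], bridges[n[1]], n[2]))
            root_port[sw] = best[0]
    # Step 3: per link, lowest (root cost, bridge ID) end is designated.
    roles = {}
    for a, pa, b, pb, _ in links:
        ends = sorted([(cost[a], bridges[a], a, pa), (cost[b], bridges[b], b, pb)])
        (_, _, d_sw, d_port), (_, _, o_sw, o_port) = ends
        roles[(d_sw, d_port)] = "designated"
        roles[(o_sw, o_port)] = "root" if root_port.get(o_sw) == o_port else "blocking"
    return root, cost, roles
```

In this triangle SW2 and SW3 have the same root cost, so the link between them is decided by bridge ID and the SW3 end goes to blocking.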
With testing and capturing packets using Wireshark with a switch, here is what I have found:
STP packets are being captured every 2 seconds.
Source is the switch.
The destination MAC address "spanning-tree-(for-bridges)_00" means that the packet is being sent to the Spanning Tree Protocol multicast group address.
The protocol is STP as expected.
Length is 60 Bytes. Standard ethernet frame size is 64 Bytes. 4 Bytes have been removed by Wireshark.
And this would be the STP packet:
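The fields described above can be decoded directly from the frame bytes. This added example (not from the original post) builds a constructed 60-byte frame, since the capture itself is not reproduced here, and parses it; the source MAC, port ID and the 20 s / 15 s timer values are made-up sample values.

```python
import struct

STP_MULTICAST = bytes.fromhex("0180c2000000")  # STP multicast group address
LLC_STP = b"\x42\x42\x03"                      # LLC header carried by STP frames
BPDU_FMT = "!HBBB8sI8sHHHHH"                   # 35-byte configuration BPDU

def build_sample_frame():
    """Constructed frame for the demo (not the capture from the post)."""
    src = bytes.fromhex("001122334455")              # placeholder switch MAC
    bridge_id = struct.pack("!H6s", 32768 + 1, src)  # priority 32768, ext 1
    bpdu = struct.pack(BPDU_FMT, 0, 0, 0, 0, bridge_id, 0, bridge_id,
                       0x8001, 0, 20 * 256, 2 * 256, 15 * 256)
    length = struct.pack("!H", len(LLC_STP) + len(bpdu))
    frame = STP_MULTICAST + src + length + LLC_STP + bpdu
    return frame.ljust(60, b"\x00")                  # pad to 60 bytes

def split_bridge_id(raw):
    """Split the 8-byte identifier into priority, system ID extension, MAC."""
    prio_ext, mac = struct.unpack("!H6s", raw)
    return {"priority": prio_ext & 0xF000,      # upper 4 bits, steps of 4096
            "sys_id_ext": prio_ext & 0x0FFF,    # lower 12 bits, the VLAN ID
            "mac": mac.hex(":")}

def parse_stp_frame(frame):
    """Decode an 802.3/LLC configuration BPDU; raise ValueError otherwise."""
    end = 17 + struct.calcsize(BPDU_FMT)
    if len(frame) < end:
        raise ValueError("frame too short for a configuration BPDU")
    dst, src, _length = struct.unpack("!6s6sH", frame[:14])
    if dst != STP_MULTICAST or frame[14:17] != LLC_STP:
        raise ValueError("not an STP frame")
    (proto, _ver, bpdu_type, _flags, root, cost, bridge,
     port, _age, max_age, hello, fwd) = struct.unpack(BPDU_FMT, frame[17:end])
    if proto != 0 or bpdu_type != 0:
        raise ValueError("not a configuration BPDU")
    return {"src": src.hex(":"),
            "root": split_bridge_id(root),
            "bridge": split_bridge_id(bridge),
            "root_path_cost": cost,
            "port_id": port,
            "hello_s": hello / 256,             # timers are in 1/256 second
            "max_age_s": max_age / 256,
            "forward_delay_s": fwd / 256}
```

A root path cost of 0 together with identical root and bridge identifiers means the sending switch considers itself the root bridge.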
Continue to Part 2.


